CVE-2024-46341

It was discovered that TP-Link TL-WR845N(UN)_V4_190219 transmits base64-encoded credentials that can be easily decrypted by an attacker performing a man-in-the-middle attack.

Using CWE to declare a problem results in CWE-300. The product does not adequately verify the identity of the participants at both ends of the communication channel or does not adequately ensure the integrity of the channel in such a way that allows access to or influence the channel from a participant who is not an endpoint.

Exploit: Unknown